Methods of identifier determination and of biometric verification and associated systems

ABSTRACT

The invention relates to a method of determining an identifier of determined discriminating power from biometric data. According to the method, biometric data is obtained relating to an individual. The biometric data is converted into a digital string. A word of an error-correcting code is associated with the individual. The error-correcting code word is added to the digital string. An identifier relating to the individual is determined by applying a hashing function to the error-correcting code word, the hashing function being selected to ensure the determined discriminating power to said identifier.

BACKGROUND OF THE INVENTION

The present invention relates to using biometric data.

It is known to use biometric data relating to individuals in the contextof numerous applications.

For example, verifying the identity of an individual may be based oncomparing biometric data measured on individuals giving their identitieswith biometric data previously obtained in correspondence with saididentities.

In another example, the grant of a right may be subject to biometricverification, where the term “grant of a right” should be understoodvery broadly (granting a driver's license, a travel ticket, a payment,access to premises, etc.).

A problem is associated with the nature of the biometric data used. Thediscriminating power of that data can be very variable. Discriminatingpower corresponds to the ability to characterize an individual withgreater or lesser precision.

Thus, biometric data such as the general shape of a hand or the lengthof a few fingers of the hand discriminates relatively little, sincethere is a relatively high probability of any two individuals presentingthe same data. Conversely, biometric data such as the fingerprints ofall ten digits of the hand, or such as the iris characteristics of theeyes presents a relatively high level of discrimination, such that thereis a relatively small probability of any two individuals presenting thesame data.

Some applications require biometric data to be used with strongdiscriminating power, since they relate exclusively or almostexclusively to particular individuals. This can apply for example to anapplication seeking to give specialized personnel access to a strategicsite.

In contrast, in other applications where the stakes are lower, the useof biometric data with poor discriminating power can be preferred,recommended, or even made mandatory.

A drawback of highly discriminating biometric data is that it can invadeprivacy since it can make it possible to characterize an individualcompletely. Thus, it is not impossible that an application using highlydiscriminating biometric data could be misappropriated to find datarelating to its users (in particular personal data, e.g. identity)outside the normal context of use.

This drawback can lead to certain individuals who seek to remainanonymous avoiding applications that use biometric data that is judgedto be too highly discriminating.

Furthermore, in some countries, legislation is in place enabling a givenapplication to be refused if it uses highly discriminating biometricdata, even though it would be accepted if it used biometric data withweaker discriminating power. Typically, it can be required that thelevel of discrimination implemented is proportional to the security atstake in the intended application.

The fact that applications need to use biometric data with differentdiscriminating powers makes it necessary to adapt the means forobtaining and processing biometric data to each application, which istime consuming and involves relatively high implementation costs.

An object of the present invention is to limit those drawbacks.

SUMMARY OF THE INVENTION

The invention thus provides a method of taking biometric data and ofdetermining therefrom an identifier of determined discriminating power.The method comprises the following steps relating to an individual:

-   -   obtaining biometric data relating to the individual;    -   converting the biometric data into a digital string;    -   associating a word of an error-correcting code with the        individual;    -   adding the error-correcting code word to the digital string; and    -   determining an identifier relating to the individual by applying        a hashing function to the error-correcting code word, the        hashing function being selected to ensure that said identifier        has the determined discriminating power.

The identifier as obtained in this way stems from biometric datarelating to the individual. Nevertheless, it has its own discriminatingpower that is less than that of the initial biometric data. In otherwords, the identifier corresponds to controlled degradation of theinitial biometric data.

Furthermore, the degradation is not invertible, i.e. because of theproperties of the hashing function, it is practically impossible to findthe code word when knowing only the hashed code word.

The discriminating power of the identifier is determined, possibly inadvance, e.g. with reference to a level of discrimination desired for anapplication that provides for verification making use of saididentifier. The discriminating power can thus be selected depending onrequirements. In particular it can be selected to be sufficiently weakto guarantee a certain level of privacy protection, whenever that isnecessary.

The invention also provides a biometric verification method using afirst data medium storing in association, for at least one individual ina set of individuals: an identity relating to said individual; theresult of adding a first word of an error-correcting code associatedwith said individual and a first digital string obtained from biometricdata relating to said individual; and at least one identifier ofdetermined discriminating power obtained by applying a hashing functionto the first error-correcting code word. The method comprises thefollowing steps relating to an individual of the set of individuals:

-   -   obtaining biometric data relating to the individual;    -   converting the biometric data into a second digital string;    -   determining a second error-correcting code word corresponding        substantially to adding the second digital string to the result        of adding the first error-correcting code word to the first        digital string stored on the first data medium in association        with the identity relating to said individual;    -   applying said hashing function to the second error-correcting        code word; and    -   comparing the result of applying said hashing function to the        second error-correcting code word with the identifier of        determined discriminating power stored on the first data medium        in association with the identity relating to said individual.

Such biometric verification is performed using an identifier havingdiscriminating power that matches expectations. It is also based oninitial biometric data, which may be obtained using conventionalacquisition means, for example, regardless of the level ofdiscrimination that is desired.

Advantageously, a plurality of identifiers having distinct determineddiscriminating powers can be stored for a given individual. Anidentifier is then selected from that plurality, where the selectedidentifier has discriminating power that best matches the level ofdiscrimination desired for the application that is to be implemented.

Thus, starting from a common biometric measurement, it is possible toimplement verifications having different levels of discrimination,depending on requirements. This implies significant savings in the meansthat need to be deployed (e.g. biometric sensors), and great simplicityin implementation.

The invention also provides an identification method using a first datamedium storing in association, for each individual in a set ofindividuals: an identity relating to said individual; the result ofadding a first word of an error-correcting code associating saidindividual with a first digital string obtained from biometric datarelating to said individual; and at least one identifier of determineddiscriminating power obtained by applying a hashing function to thefirst error-correcting code word. The method comprises the followingsteps relating to an individual of the set of individuals:

-   -   obtaining biometric data relating to the individual;    -   converting the biometric data into a second digital string;    -   determining a plurality of second error-correcting code words        each corresponding substantially to adding the second digital        string to the result of adding the first error-correcting code        word to the first digital string stored on the first data medium        for an individual of said set of individuals;    -   applying said hashing function to each second error-correcting        code word;    -   comparing the result of applying said hashing function to each        second error-correcting code word with the identifier        corresponding to the determined discriminating power that is        stored on the first data medium; and    -   determining the identity of said individual, said identity        corresponding to an identity stored on the first data medium in        association with an identifier for which said comparison has        found equality.

The invention also proposes a system comprising means for obtainingbiometric data and digital processor means arranged to implement theabove-mentioned method of determining an identifier of determineddiscriminating power from biometric data.

The invention also provides a system comprising means for obtainingbiometric data and digital processor means arranged to implement theabove-mentioned method of biometric verification.

The invention also provides a system comprising means for obtainingbiometric data and digital processor means arranged to implement theabove-mentioned identification method.

The invention also provides a computer program product comprising codeinstructions adapted to implement the above-mentioned method ofdetermining an identifier of determined discriminating power frombiometric data, on being loaded and executed by computer means.

The invention also provides a computer program product comprising codeinstructions adapted to implement the above-mentioned method ofbiometric verification, on being loaded and executed by computer means.

The invention also provides a computer program product comprising codeinstructions adapted to implement the above-mentioned method ofidentification, on being loaded and executed by computer means.

The preferred features of the above aspects which are indicated by thedependent claims may be combined as appropriate, and may be combinedwith any of the above aspects of the invention, as would be apparent toa person skilled in the art.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a diagram showing the steps of an enrollment stage enabling anidentifier to be determined in accordance with the invention;

FIG. 2 is a diagram showing steps of biometric verification inaccordance with the invention;

FIG. 3 is a diagram showing additional steps of biometric verificationin a particular implementation of the invention; and

FIGS. 4 to 7 are simplified examples of digital strings used in thecontext of performing biometric verifications on the principles of theinvention.

DESCRIPTION OF PREFERRED EMBODIMENTS

FIG. 1 shows an individual 1 for whom it is desired to determine anidentifier of determined discriminating power, during a stage referredas an “enrollment” stage. This discriminating power may be selected, forexample, so as to comply with a level of discrimination required by anapplication implementing biometric verification. The identifier asdetermined in this way can then be used during biometric verification,by providing a guarantee that the requirements of the application interms of discrimination are satisfied.

The identifier is determined as follows.

Biometric data is initially obtained for the individual 1. Thisbiometric data may be of various different types. Preferably, itpresents relatively high discriminating power. Discriminating power issometimes characterized by a “false acceptance” rate that corresponds tothe probability of confusing any two people on analyzing their biometricdata. The biometric data obtained in the present example is thusadvantageously selected to present an acceptable false acceptance ratethat is below a predetermined threshold, e.g. 10⁻⁶. The data may thusrelate to fingerprints or to the characteristics of the iris of an eye,for example.

The biometric data is advantageously obtained by acquisition using asensor 2. The sensor is adapted to the kind of biometric data that it isdesired to obtain. Thus, it may be a conventional fingerprint sensor ora sensor of iris characteristics.

Once obtained, the biometric data of the individual 1 is converted intoa digital string, in a manner that is known per se. The digital stringw₁ obtained in this way (step 3) may be constituted by a string ofbinary digits, for example.

When the biometric data comprises fingerprints, obtaining the string w₁may comprise pre-orientation of fingerprint images in a particulardirection, and extracting certain characteristics (e.g. minutiae orridge directions). When the biometric data relates to the iris, an iriscode can be extracted. These methods are known in themselves and candepend on a type of error correction used (the application of such errorcorrection is described below). Certain methods are described in thepublished articles cited below. Naturally, other methods are alsopossible.

The individual is associated with a code word c₁ from anerror-correcting code, which code word may be selected in random mannerfrom the various words of the code. This word is a digital string, e.g.a binary string, as is preferably identical in size to the binary stringw₁.

For this purpose, various error-correcting codes can be used. Asnon-limiting examples, mention can be made of the length 511 BCH codedescribed by P. Tuyls, A. Akkermans, T. Kevenaar, G. J. Schrijen, A.Bazen, and R. Veldhuis, in the article “Practical biometricauthentication with template protection”, AVBPA 2005, LNCS 3546, 2005,published in 2005, or the concatenated Hadamard/Reed-Solomon codedescribed by R. Anderson, J. Daugma, and F. Hao, in the article“Combining cryptography with biometrics effectively”, Technical reportUCAM-CL-TR-640, University of Cambridge, published in July 2005.Naturally, other error-correcting codes could be used.

Once associated with the individual 1, the error-correcting code word c₁is added to the binary string w₁ (step 4). As is conventional in digitalprocessing, the term “add” is used to mean the exclusive OR operation(⊕), where adding the two binary strings is such that two identical bitshaving the same rank in both strings give rise to a “zero”, whereas twodifferent bits of the same rank in the two strings give rise to a “1”.This produces a new binary string w₁⊕c₁.

An identifier H(c₁) is also calculated from the code word c₁, where thefunction H is a hashing function (step 5). A hashing function is acompression function serving to obtain information that is shorter thanthe initial information that was applied thereto. It also has theproperty of delivering results that are very different from initialinformation items that differ very slightly, i.e. it accentuatesdifferences between distinct items of information, so as to avoid itbeing easy to rediscover the initial information from the result ofhashing.

In the context of the invention, the hashing function H is selected insuch a manner that the resulting identifier H(c₁) has determineddiscriminating power. In other words, the hashing function selectedimplies a probability of collision, i.e. a probability of reaching thesame condensed version from distinct strings, that corresponds to thefalse acceptance rate that is presented by the identifier H(c₁).

Advantageously, the hashing function is selected to have an equiprobablearrival space comprising a number of possible values that correspondsubstantially to the determined discriminating power of the identifier.

As a non-limiting example, use can be made of a hashing function Hderived from the SHA-1 function described in the FIPS 180-1 standard,“Secure hash standard”, published in April 1993 by the FederalInformation Processing Standards organization, that produces condensedstrings of 160 bits. Many other hashing functions could naturally alsobe used.

Thus, if it is desired that the identifier to be determined can take onevalue from a number of possible value that is equal to 2^(n), wheren<160, it is possible to select a hashing function H such that for anybinary string x of length l, H(x)=[SHA-1(x)]_(i1, . . . , in), where[X]_(i1, . . . , in) designates the bits of respective ranksi_(1, . . .) , i_(n) in the binary string x. Thus,H(c₁)=[SHA-1(c₁)]_(i1, . . . , in), i.e. the identifier as determined,is a string of n bits corresponding to the bits of ranks i_(1, . . .) ,i_(n) of the binary string that result from applying the SHA-1 functionto the code word c₁. In this example, H(c₁) thus has discriminatingpower of 2^(n). Because of the properties of the function H, anyarbitrary individual has one chance in 2^(n) of having the sameidentifier H(c₁) as the individual 1, even if some other code word c₂ isassociated with that individual.

In the above example, it is thus possible to define the discriminatingpower of the identifier that is to be determined merely by setting thenumber n. If it is desired to be able to perform biometric verificationin a manner that discriminates little, then n should be selected to berelatively small (e.g. less than 20). Conversely, if it is desired to beable to perform biometric verification in a highly discriminatingmanner, then n should be selected to be relatively large (e.g. greaterthan 20).

Advantageously, the information obtained relating to the individual 1,i.e. w₁⊕c₁ and H(c₁) is subsequently stored in associated manner on adata medium (step 6). The information is also associated with anidentity I₁ of the individual 1. This identity, which may consist in thesurname and forename of the individual 1, but could possibly beconstituted by other types of information, can be given by theindividual 1 (step 7) or else can be obtained by other means. Theidentity is advantageously verified prior to being stored on the datamedium.

In the example shown in FIG. 1, all of the information is stored in anidentity database 8 for storing information about a set of individuals1-m. In a variant, the items of information w₁|c₁, H(c₁), and I₁ couldbe stored in association on a biometric token advantageously held by theindividual 1. Other data media can also be envisaged, insofar as theycan subsequently be interrogated when performing biometric verification.

It should be observed that in the database 8, the binary string w₁characterizing the individual 1 is not stored as such, but only in theform w₁⊕c₁. Thus, any person having access to the database cannot find alink between the identity I₁ and the binary string w₁ of the individual1. Such a person knowing the identity I₁ will be incapable of deducingtherefrom the binary string w₁ on the basis of data in the database 8.Similarly, if such a person knows the binary string w₁, the identity I₁cannot be deduced therefrom on the basis of data in the database 8.

Advantageously, the binary string w₁ of the individual 1 and theidentifier H(c₁) that is obtained are also stored with each other on asecond data medium that may also be a database 11 or any other suitablemedium (steps 9 and 10). The biometric database 11 does not haveidentity information, such as the identity I₁ of the individual 1,thereby guaranteeing that privacy is protected.

It should be observed that all or some of the above-described operationscan be implemented by a system advantageously making use of a computerprogram. The system may be constituted by a simple apparatus, comprisingthe sensor 2 and digital processor means appropriate for processing thebinary strings, or else it may be distributed amongst differentapparatuses capable of communicating with one another by any manner thatcan be envisaged.

With reference to FIG. 2, there follows a description of how biometricverification can be performed using an identifier of determineddiscriminating power as described above. This biometric verification canbe implemented in the context of any application. For example, it may bea prelude to granting a right, as specified in the introduction. Theintended application requires a given level of discrimination, withreference to which the discriminating power of the above-describedidentifier has been determined.

In the example of FIG. 2, the individual 1 who has previously undertakenan enrollment stage as described with reference to FIG. 1, is nowsubjected to biometric verification. For this purpose, biometric data isobtained from the individual 1. The biometric data in question is dataof the same type as that which was obtained during enrollment. It mayadvantageously be obtained with a sensor that is the same or of the sametype as the sensor 2 of FIG. 1.

The resulting biometric data is then converted into a digital string,under the same conditions as during enrollment (step 12). In the exampledescribed, a binary string w′₁ is thus obtained which may differ fromthe binary string w₁ to a greater or lesser extent. These differencesare associated with the lack of reproducibility in biometricmeasurements performed using the sensor 2. By way of example, twosuccessive measurements of a fingerprint can differ because of variationin the angle of inclination of the finger or because of variation in thepressure exerted by the finger on the sensor between the twomeasurements.

Thereafter, a new binary string is calculated by adding w′₁ and thestring w₁⊕c₁ as previously stored in the database 8 or any equivalentdata medium (step 13). The string w₁⊕c₁ corresponding to the individual1 is found in the database 8, e.g. using the identity I₁ as given by theindividual 1.

The result of this new addition, i.e. w′₁⊕w₁⊕c₁ can consist in a wordc′₁ of the error-correcting code to which the word c₁ belongs.Otherwise, the decoding algorithm associated with said error-correctingcode is advantageously used in order to find the word c′₁ of theerror-correcting code that is the closest to w′₁⊕w₁⊕c_(l). The successof this operation relies on the fact that the error-correcting code isdesigned to correct a certain number of errors in binary strings, wherethe differences between w′₁ and w₁ are then thought of as errors.

The hashing function H as used in the above-described enrollment stageis then applied to the new code word c′₁ (step 14). The resultingcondensed information H(c′₁) is then compared with the identifier H(c₁)stored in the database 8 for the individual 1 (step 15). The identifierH(c₁) is found in the database 8, e.g. using the identity I₁ given bythe individual 1.

If H(c′₁) is identical to H(c₁), then biometric verification can beconsidered as being a success, i.e. it is considered that the individual1 being verified is indeed the individual who was previously enrolled asdescribed with reference to FIG. 1. It is thus possible to performauthentication from the identity I₁ given by the individual 1.

Any differences between the strings w₁ and w′₁, providing they are notexcessive, are smoothed out by the properties of the error-correctingcode. In this way, for the example described with reference to FIG. 2,it can be hoped that a code word c′₁ will be obtained that is equal toc₁. Consequently, H(c′₁)=H(c₁), and the individual 1 is successfullyauthenticated.

Conversely, if the individual being subjected to biometric verificationpretends wrongly to have the identity I₁, then it is very likely thatthe code word c′₁ obtained for the individual using the above-describedprinciples will be different from c₁. Under such circumstances, H(c′₁)can differ from H(c₁) and authentication fails. However, given theproperties of the function H, it is nevertheless still possible thatH(c′₁)=H(c₁) even though c′₁ differs from c₁. Under such circumstances,authentication will be considered, wrongly, as being successful. Theindividual who has usurped the identity I₁ can then possibly pass him-or herself off as the individual 1. That constitutes an instance offalse acceptance that the intended application is designed to tolerate.

This uncertainty is associated with the relatively poor discriminatingpower of the identifier H(c₁). However, this low level of discriminationprevents any person who has access to the database 8 from retrieving theidentity I₁ of the individual 1 from the identifier H(c₁), since aplurality of individuals may have the same identifier H(c₁). Thisensures protection for the privacy of the individual 1.

It will be understood that biometric verification can thus be performedwith a low level of discrimination in order to protect the privacy ofthe individual 1, even when using biometric data that presents arelatively high level of discrimination.

After the verification performed in step 15, other steps may optionallybe implemented depending on the intended application. For example, aright might be granted to the individual 1 under such circumstances.

FIG. 3 shows an example of biometric verification including verificationsteps additional to those of the example of FIG. 2. Steps 12 to 14 areidentical to those of FIG. 2.

After obtaining the binary string w′₁ relating to the individual 1, thecorresponding binary string w₁ is found in the biometric database 11 orany other equivalent data medium, i.e. the string is found that presentsthe greatest similarity with w′₁ and that is therefore likely tocharacterize the same individual 1 (step 16).

Thereafter, the identifier H(c₁) previously stored in the biometricdatabase 11 in association with w₁ during the enrollment stage is alsofound.

H(c′₁) is then compared with the identifier H(c₁) (step 17). If they areequal, it can then be concluded that the individual 1 has already beenbiometrically recorded in the database 11 during prior enrollment.

This verification can be useful, for example, in order to avoid theindividual 1 being subjected to a plurality of successive enrollmentsthat could potentially allow that individual to have the same rightgranted more than once (for example a plurality of driver's licenseswith different identities, etc.).

Here again, the relatively poor discriminating power of the identifierH(c₁) prevents any person who has access to the database 11 from findingthe binary string w₁ characterizing the individual 1 on the basis of theidentifier H(c₁), since a plurality of individuals can have the sameidentifier H(c₁). This ensures protection for the privacy of theindividual 1.

It should be observed that all or some of the operations described withreference to FIGS. 2 and 3 can be implemented by a system thatadvantageously makes use of a computer program. The system may consistin a single apparatus, comprising the sensor 2 and the digital processormeans needed for processing the binary string, or it may be spread overa plurality of apparatuses suitable for communicating with one anotherin any manner that can be envisaged. The system may be the same as thatdescribed with reference to FIG. 1 and used during enrollment. Thesystems could equally well be distinct.

In an implementation of the invention, a plurality of identifiers havingdistinct discriminating powers are determined for the individual 1.Thus, t identifiers H₁(c₁), H₂(c₁), . . . , H_(t)(c₁) having decreasingdiscriminating powers can be obtained and stored in association with theindividual 1 in application of the principles described with referenceto FIG. 1.

Depending on the application that it is desired to implement, biometricverification is performed as described with reference to FIG. 2 or FIG.3, using the identifier of discriminating power that corresponds to thelevel of discrimination required for said application. Thus, anapplication requiring a high level of discrimination can requirebiometric verification using the identifier H₁(c₁), whereas anapplication requiring a low level of discrimination can requirebiometric verification using the identifier H_(t)(c₁), for example.

The desired level of discrimination can be determined beforehand,possibly as a result of negotiation with the individual concerned.

Under such circumstances, it will be understood that biometricverifications with different levels of discrimination can be performedusing a single biometric data set and thus using a single sensor, in amanner that is transparent for the individual concerned. Nevertheless,the privacy of the individual is guaranteed wherever necessary, even ifbiometric data with a relatively high level of discrimination isinitially acquired for said individual.

FIGS. 4 to 7 show simplified numerical examples for better understandingthe operation of the above-described invention.

FIG. 4 shows a binary string w₁ assumed to characterize an individual 1.In the example shown, and for reasons of clarity and simplification, thebinary string w₁ has only 14 bits, which provide a relatively low levelof discrimination (2¹⁴=16384 possible values in all). In reality, such abinary string could advantageously comprise a larger number of bits, forexample 20 or more bits.

Furthermore, the error-correcting code C used is made up of fourdistinct words, namely m₁=11111110000000, m₂=00000001111111,m₃=11111111111111, and m₄=00000000000000. Given the format of these fourwords, it will be understood that the error-correcting code C cancorrect three errors without ambiguity. A binary string presenting threedifferences with one of these four words, e.g. m₁, will have even moredifferences with the other three words, such that it can be associatedwith m₁ without hesitation. Naturally, the code C selected for thisexample is a simplified code. In practice, error-correcting codes thatare more complex, such as those mentioned above, could advantageously beused.

During the enrollment of the individual 1, a word of the code C, i.e.m₃, is associated with the individual 1, possibly in arbitrary manner.With the same notation as used above, this gives c₁=m₃. Then, the binarystring w₁⊕c₁ is determined, i.e. w₁⊕m₃, as shown in FIG. 4.

In addition, a hashing function is applied to the code c₁=m₃. In theexample described, the hashing function H used consists in selecting thesecond bit of a binary string, starting from the left. Thus H(c₁) isequal to 1, as shown in FIG. 4 by a box round the selected bit.Naturally, such a hashing function is particularly simple, for reasonsof clarity. In practice, it is possible to use hashing functions thatare more complex, such as those mentioned above.

After the individual 1 has been enrolled, the two following items ofinformation are available: w₁⊕c₁=01100001111001 and H(c₁)=1. Thisinformation is advantageously stored on a data medium so it can be foundduring a subsequent verification stage.

FIG. 5 shows an example of biometric verification concerning theindividual 1. A new binary string w′₁ is obtained for the individual 1,e.g. using a new biometric measurement. This binary string w′₁ has threedifferences relative to the binary string w₁. The bits that differ areringed in the binary string w′₁ of FIG. 5.

Then, in accordance with the principles described above, the binarystring w′₁⊕w₁⊕c₁ is calculated and a search is made to find the word c′₁of the code C that is closest to this string. It is found that thestring w′₁⊕w₁⊕c₁ has three differences relative to the word m₃. Theerror correction then makes it possible to use the code word m₃ for thisstring w′₁⊕w₁⊕c₁. Using the same notation as above, this gives c′₁=m₃.

As a result, calculating H(c′₁) finds H(m₃), i.e. the binary value 1, asindicated by the box round the second bit of the word c′₁ in FIG. 5.

Since H(c′₁)=H(c₁)=1, the biometric verification is successful. Theindividual 1 has been authenticated with success. The individual maythen perhaps benefit from a right being granted, for example.

FIG. 6 shows an example of biometric verification relating to anindividual 2 attempting to pass for the individual 1.

The binary string w₂ characterizing the individual 2 is obtained, e.g.by performing a biometric measurement. This string w₂ differs veryconsiderably from the string w₁ relating to the individual 1. Elevenbits (ringed in FIG. 6) differ between these two strings.

During biometric verification, the string w₂⊕w₁⊕c₁ is calculated, andthen the word c₂ of the code C is found that is the closest to thisstring, using the error decoding properties of the code. In the presentexample, the string w₂⊕w₁⊕c₁ presents three differences with the word m₄(ringed bits), so it is concluded that c₂=m₄.

The second bit c₂ (boxed in FIG. 6) is a 0, so H(c₂)=0. H(c₂) thusdiffers from H(c₁), so the verification fails. The individual 2 has notbeen able to pass for the individual 1.

In the example of FIG. 7, an individual 3 characterized by a binarystring w₃ is trying to pass for the individual 1. This attempt succeedssince the binary string w₃⊕w₁⊕c₁ leads to code word c₃=m₁ andH(c₃)=H(m₁)=H(m₃)=H(c₁)=1, as can be seen in FIG. 3.

This example corresponds to a false acceptance as tolerated by theintended application. This false acceptance is due to the lowdiscrimination power of the identifier H(c₁) since it can take on onlytwo values 0 or 1. Thus, whatever the binary string w_(i) relating to anindividual i, there is one chance in two that H(c_(i))=H(c₁).

This level of uncertainty is acceptable for the intended application. Italso serves to make it impossible to find the identity I_(i) of anindividual i from that individual's identifier H(c_(i)), even for aperson having access to the data structure that stores I_(i) andH(c_(i)) in association.

The present invention can also be used in identification applications,i.e. to find the identity of an individual from a biometric measurement.

Thus, referring again to FIG. 2, the idea is to find the identity of theindividual 1. Steps 12 to 14 are implemented as described above, exceptthat the string w′₁ is added to all of the strings w₁⊕c₁, w₂⊕c₂, . . . ,w_(m)⊕c_(m) stored in the database 8 relating to distinct individuals,or at least to a plurality of those strings.

Thereafter, for each condensed item obtained H(c′₁), H(c′₂), . . . ,H(c′_(m)), it is verified whether it corresponds to the correspondingidentifier H(c₁), H(c₂), . . . , H(c_(m)) that is stored in the database8.

When equality is detected, an identity can be deduced for the individualin question. For example, if H(c′₁)=H(c₁), then it can be concluded thatthe individual 1 possess the identity I₁ stored in association withH(c₁).

Nevertheless, it should be observed that unambiguous determination ofidentity can be achieved, a priori, only for database sizes that aresmaller than a certain limit as determined by the discriminating power.In general, a plurality of identities can correspond.

1. A biometric verification method using a first data medium storing inassociation, for at least one individual of a set of individuals: anidentity relating to said individual, the result of adding a first wordof an error-correcting code associated with said individual to a firstdigital string obtained from biometric data relating to said individualand at least two identifiers of distinct determined discriminatingpowers obtained by applying respective hashing functions to the firsterror-correcting code word; the method comprising the following stepsrelating to an individual of the set of individuals: obtaining biometricdata relating to the individual; converting the biometric data into asecond digital string; determining a second error-correcting code wordcorresponding substantially to adding the second digital string to theresult of adding the first error-correcting code word to the firstdigital string stored on the first data medium in association with theidentity relating to said individual; determining a desired level ofdiscrimination; determining the identifier stored on the first datamedium in association with the identity relating to said individual,having discriminating power corresponding substantially to the desiredlevel of discrimination; applying to the second error-correcting codeword the hashing function in application of which said determinedidentifier was obtained; and comparing the result of applying saidhashing function to said second error-correcting code word with thedetermined identifier.
 2. A method according to claim 1, in which atleast some of the hashing functions applied to the firsterror-correcting code word are selected to have an equiprobable arrivalspace comprising a number of possible values corresponding substantiallyto the determined discriminating power of the respective identifier. 3.A method according to claim 1, further comprising delivering a rightwhen the comparing the result of applying said hashing function to saidsecond error-correcting code word with the determined identifier findsequality between the result of applying said hashing function to thesecond error-correcting code word and the determined identifier.
 4. Amethod according to claim 1, also using a second data medium storing inassociation, for at least said individual of the set of individuals: thefirst digitalstring obtained from biometric data relating to saidindividual and the identifiers of distinct determined discriminatingpowers obtained by applying respective hashing functions to the firsterror-correcting code word associated with said individual; the methodfurther comprising the following steps relating to said individual ofthe set of individuals: finding the first digital string stored on thesecond data medium and corresponding substantially to said seconddigital string; finding the identifier stored on the second data mediumin association with the found first digital string, havingdiscriminating power corresponding substantially to the desired level ofdiscrimination; and comparing the result of applying the hashingfunction in application of which the found identifier was obtained tothe second error-correcting code word with the identifier as found.
 5. Abiometric verification system using a first data medium storing inassociation, for at least one individual of a set of individuals: anidentity relating to said individual, the result of adding a first wordof an error-correcting code associated with said individual to a firstdigital string obtained from biometric data relating to said individualand at least two identifiers of distinct determined discriminatingpowers obtained by applying respective hashing functions to the firsterror-correcting code word; the system comprising: means for obtainingbiometric data relating to the individual; means for converting thebiometric data into a second digital string; means for determining asecond error-correcting code word corresponding substantially to addingthe second digital string to the result of adding the firsterror-correcting code word to the first digital string stored on thefirst data medium in association with the identity relating to saidindividual; means for determining a desired level of discrimination;means for determining the identifier stored on the first data medium inassociation with the identity relating to said individual, havingdiscriminating power corresponding substantially to the desired level ofdiscrimination; means for applying to the second error-correcting codeword the hashing function in application of which said determinedidentifier was obtained; and means for comparing the result of applyingsaid hashing function to said second error-correcting code word with thedetermined identifier.
 6. A system according to claim 5, in which atleast some of the hashing functions applied to the firsterror-correcting code word are selected to have an equiprobable arrivalspace comprising a number of possible values corresponding substantiallyto the determined discriminating power of the respective identifier. 7.A system according to claim 5, further comprising means for delivering aright when the comparing the result of applying said hashing function tosaid second error-correcting code word with the determined identifierfinds equality between the result of applying said hashing function tothe second error-correcting code word and the determined identifier. 8.A system according to claim 5, also using a second data medium storingin association, for at least said individual of the set of individuals:the first digital string obtained from biometric data relating to saidindividual and the identifiers of distinct determined discriminatingpowers obtained by applying respective hashing functions to the firsterror-correcting code word associated with said individual; the systemfurther comprising, in relation to said individual of the set ofindividuals: means for finding the first digital string stored on thesecond data medium and corresponding substantially to said seconddigital string; means for finding the identifier stored on the seconddata medium in association with the found first digital string, havingdiscriminating power corresponding substantially to the desired level ofdiscrimination; and means for comparing the result of applying thehashing function in application of which the found identifier wasobtained to the second error-correcting code word with the identifier asfound.
 9. A computer program product comprising code instructions storedon a non-transitory computer-readable medium, the code instructionsbeing adapted, when loaded and executed by computer means, to implementa biometric verification method using a first data medium storing inassociation, for at least one individual of a set of individuals: anidentity relating to said individual, the result of adding a first wordof an error-correcting code associated with said individual to a firstdigital string obtained from biometric data relating to said individualand at least two identifiers of distinct determined discriminatingpowers obtained by applying respective hashing functions to the firsterror-correcting code word, comprising the following steps relating toan individual of the set of individuals: obtaining biometric datarelating to the individual; converting the biometric data into a seconddigital string; determining a second error-correcting code wordcorresponding substantially to adding the second digital string to theresult of adding the first error-correcting code word to the firstdigital string stored on the first data medium in association with theidentity relating to said individual; determining a desired level ofdiscrimination; determining the identifier stored on the first datamedium in association with the identity relating to said individual,having discriminating power corresponding substantially to the desiredlevel of discrimination; applying to the second error-correcting codeword the hashing function in application of which said determinedidentifier was obtained; and comparing the result of applying saidhashing function to said second error-correcting code word with thedetermined identifier.
 10. A computer program product according to claim9, in which at least some of the hashing functions applied to the firsterror-correcting code word are selected to have an equiprobable arrivalspace comprising a number of possible values corresponding substantiallyto the determined discriminating power of the respective identifier. 11.A computer program product according to claim 9, further comprising codeinstructions for delivering a right when the comparing the result ofapplying said hashing function to said second error-correcting code wordwith the determined identifier finds equality between the result ofapplying said hashing function to the second error-correcting code wordand the determined identifier.
 12. A computer program product accordingto claim 9, in which the method implemented by the code instructionscomprised by the computer program product also uses a second data mediumstoring in association, for at least said individual of the set ofindividuals: the first digital string obtained from biometric datarelating to said individual and the identifiers of distinct determineddiscriminating powers obtained by applying respective hashing functionsto the first error-correcting code word associated with said individual;and further comprises the following steps relating to said individual ofthe set of individuals: finding the first digital string stored on thesecond data medium and corresponding substantially to said seconddigital string; finding the identifier stored on the second data mediumin association with the found first digital string, havingdiscriminating power corresponding substantially to the desired level ofdiscrimination; and comparing the result of applying the hashingfunction in application of which the found identifier was obtained tothe second error-correcting code word with the identifier as found.